Investigation report

SEARCH

Then, It guides reader to create a few simple programs using Python. Chapter 2 focuses on penetration testing by using self-made Python tools to script attacks. The author strongly emphasized on the importance of writing your own Python tools for penetration testing. In this chapter the author will guide through the steps to build a port scanner, SSH Botnet and Zero-Day Attack all by using Python for penetration testing purpose. Also. ways to attack SSH. FTP and SMB protocols are also included in this chapter. In Chapter 3 of this book, it mainly focus on the application of python in the forensic field.

We will write a custom essay sample on Investigation report or any similar topic specifically for you

This chapter Included the scripting method and coding to retrieve mac addresses and physical location. Python also can used to recover the geo-locate (Wigle Mac). This chapter also covered the title on how to find deleted item in using OS module. By using the Windows SID to translate user name all the deleted files, which Is still in, recycle bin based on each user will be readable. on the other hand, metadata extraction can be done using python library named, “pyPdf”. By using the EXIF tool included in the python-imaging library, metadata of the EXIF file can be retrieved.

Artifacts can be easily found in each application, therefore python codes to review the application artifacts are provided. Chapter 3 has provided a set of method to Investigate ITunes mobile backup using python. In the Chapter of 4 and 5, the author relates the python into networking related field, which users will need the knowledge of networking in order to perform and understand certain task in the sample case provided. The Chapter 4 is regarding o “Network Traffic Analysis with Python” while Chapter 5 Is regarding “Wireless Mayhem with Python”.

In both chapter, the author based on a real case scenario and try to recreate the event by using available python libraries and Scapy a powerful interactive packet manipulation program to begin network traffic analysis with the aid of modified scripting created by the author. These chapters can provide solutions on how to write a toolkit togenerate several detection methods Into performing analysis for the network traffic as well as to understand how dangerous it is using nsecured network connection.

Page 2 Investigation report Essay

While In the world full of network connectivity, It Is important to know how to secure a network connection and the author provides certain case toproof that how vulnerable a network open connection can be by auditing the wireless devices and mobile devices. In chapter 6, the author introduces the web recon with python. In this chapter, It Includes how to retrieve browser source 1 OF2 browser. Other than manipulating browser, this chapter also includes the method to stay anonymity by adding proxy, user-agents and cookies.

Python code can be also used to interacting with the google API as well as parsing tweets in Twitter. Not only parsing tweets are available, python code can also parse the location data of the tweets by using regular expression. In this chapter, it has also included the implementation of the smtplib which will allow user to auto generate and send email to targeted destination. The final chapter of this book ends with building a malware to evade antivirus system.

As most antivirus engines primarily use signature-based detection as their ain method of detection, by altering the malware we could simply evade antivirus detection. In this chapter the author will provide tutorials on how to evade antivirus detection by using Python. Summarizing, this cookbook can be used for various testing and investigation. This book is to be introducing to more advance reader with experience due to its complexity of codes and samples. The usage of python is broader than the other programming language as of the size is smaller and programming logic is more flexible than the others.